n – Rootkit ZeroAccess

November 9, 2012

Alex NightWatcher

Rootkits No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

n – Rootkit ZeroAccess removal

File	Virus Alias
n	Rootkit ZeroAccess
n	Trojan Graftor
n	Trojan Agent
n	Trojan Downloader
n	Trojan Generic

Created files:

C:\RECYCLER\S-1-5-21-515967899-854245398-1708537768-1003\$ae229ccd6a28e4e88a473737ee4e0fed\@ – Rootkit ZeroAccess
C:\RECYCLER\S-1-5-21-515967899-854245398-1708537768-1003\$ae229ccd6a28e4e88a473737ee4e0fed\n – Rootkit ZeroAccess

Autostart registry keys:

HKCU\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32\ThreadingModel: Both
HKCU\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 : C:\RECYCLER\S-1-5-21-515967899-854245398-1708537768-1003\$ae229ccd6a28e4e88a473737ee4e0fed\n.

Detected by UnHackMe:

n
Default location: C:\RECYCLER\S-1-5-21-515967899-854245398-1708537768-1003\$ae229ccd6a28e4e88a473737ee4e0fed\n

Dropper information:
SHA256: 91655e45ddb2ff580ea6612186eec1b9222e638e40bea9904b4a1f2c2e26c86e
SHA1: 0a2e487e154edd895dbd5b44c8c69f65ba57e689
MD5: 40b431a141a0ed13c03e011e5398299e
File size: 124928 bytes

Leave a Reply Cancel reply

You must be logged in to post a comment.